Kiran Bandla kbandla
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import dpkt | |
| from dpkt.ip import IP | |
| from dpkt.ethernet import Ethernet | |
| from dpkt.arp import ARP | |
| from pprint import pprint | |
| import socket | |
| import sys | |
| import csv | |
| from Tkinter import * | |
| import tkMessageBox |
kbandla
/ dpkt_254.py
Created
March 16, 2016 14:45
quick code for issue #254 ( 6244444680ba446da153812333568096 )
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ''' | |
| dpkt issue 254 | |
| ''' | |
| import dpkt | |
| from dpkt.ip import IP | |
| from dpkt.ethernet import Ethernet | |
| from dpkt.arp import ARP | |
| from pprint import pprint | |
| import socket |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // | |
| // debugger.cpp | |
| // | |
| // The MSEC Debugger Functions | |
| // | |
| // | |
| // Developed by the Microsoft Security Engineering Center (MSEC) | |
| // Copyright 2008-2013, Microsoft Corporation | |
| // | |
| // Microsoft Public License (Ms-PL) |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import dpkt | |
| from dpkt.ip import IP | |
| from dpkt.ethernet import Ethernet | |
| import struct | |
| import socket | |
| import csv | |
| def ip_to_str(address): | |
| return socket.inet_ntoa(address) | |
| f = open('sample.pcap', 'rb') | |
| pcap = dpkt.pcap.Reader(f) |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import re | |
| from pdb import set_trace | |
| data = open('data.text').read() | |
| """ | |
| Software version: | |
| 5.2.0, 5.3 | |
| Operating system(s): | |
| Firmware |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import dpkt | |
| f = open('dns.pcap') | |
| pcap = dpkt.pcap.Reader(f) | |
| for ts, buf in pcap: | |
| eth = dpkt.ethernet.Ethernet(buf) | |
| ip = eth.data | |
| udp = ip.data | |
| dns = dpkt.dns.DNS(udp.data) |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <netdb.h> | |
| #include <stdio.h> | |
| #include <stdlib.h> | |
| #include <string.h> | |
| #include <errno.h> | |
| #define CANARY "in_the_coal_mine" | |
| struct { | |
| char buffer[1024]; |
kbandla
/ dns_11_12_2014
Created
November 12, 2014 15:22
NULL DNS queries for the last week (honeypot data)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| IP AS Name | |
| --------------- ----- -------------------- | |
| 208.98.12.145 46844 ST-BGP - Sharktech | |
| 120.147.244.41 1221 ASN-TELSTRA Telstra Pty Ltd | |
| 80.47.167.203 9105 TISCALI-UK Tiscali UK | |
| 108.193.6.137 7018 ATT-INTERNET4 - AT&T Services, Inc. | |
| 86.126.42.246 8708 RCS-RDS RCS & RDS SA | |
| 108.61.125.49 20473 AS-CHOOPA - Choopa, LLC | |
| 94.156.27.155 39396 NBIS-AS NBI Systems Ltd. | |
| 76.218.76.61 7018 ATT-INTERNET4 - AT&T Services, Inc. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ''' | |
| In some cases, OS X 10.9.5 is unable to find fuzzy.h | |
| A temporary solution is to force setup.py to look in library_dirs and include_dirs | |
| ''' | |
| from distutils.core import setup, Extension | |
| import os | |
| def get_version(): | |
| with open(os.path.join(os.path.dirname(__file__), 'pydeep.c'),'r') as f: |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| MD5 (CCProjectMgrStubEx.dll) = de6c083b7f6bcd404375285eb7ce98ba | |
| MD5 (config.bak) = c931be9cd2c0bd896ebe98c9304fea9e | |
| MD5 (default.txt) = ef618bd99411f11d0aa5b67d1173ccdf | |
| MD5 (devlist.cim) = 59e41a4cdf2a7d37ac343d0293c616b7 | |
| MD5 (shell.bcl) = bdc7fafc26bee0e5e75b521a89b2746d | |
| MD5 (slide1.gif) = 8a7c30a7a105bd62ee71214d268865e3 | |
| MD5 (slides.inf) = 8313034e9ab391df83f6a4f242ec5f8d | |
| MD5 (view.ph) = 48937e732d0d11e99c68895ac8578374 |